boxtec
/
yacy_search_server
mirror of https://github.com/yacy/yacy_search_server
4
1
Fork 0
Code Issues Projects Releases Wiki Activity

Updated shell scripts to be compatible with HTTP Digest authentication

Browse Source 
Because curl and wget do not let use a hashed password as parameter,
YaCy shell scripts which require authentication are now interactive by
default when HTTP Digest is the only available authentication method.
Batch mode can still be available trough the use of an environment
variable : YACY_ADMIN_PASSWORD.  

Other improvements :
 - added backward compatibility for Basic Authentication
 - fixed curl/wget presence detection 
 - do not return with exit code 0 when an API call failed, and print an
error message when the case occurs
 - documented available authentication options for API calls
pull/122/head
luccioman 7 years ago
parent bdadbda5fa
commit 29e5110627
6 changed files with 106 additions and 24 deletions
Show Stats Download Patch File Download Diff File

48
bin/apicall.sh
Unescape View File

@ -1,14 +1,48 @@
#!/usr/bin/env sh
# Call an HTTP API on the local YaCy peer, authenticated as administrator
#
# Authentication options :
# - enable unauthenticated local access as administrator : set adminAccountForLocalhost=true in the DATA/SETTINGS/yacy.conf file
# - OR use the legacy Basic HTTP authentication mode (unsecured for remote access): set the "auth-method" to BASIC in the defaults/web.xml file
# - OR use the Digest HTTP authentication mode : set the "auth-method" to DIGEST in the defaults/web.xml file.
# With that last option, the script will run in interactive mode as default, prompting for the administrator password.
# To run in batch mode, you must first export an environment variable filled with the clear-text administrator password before using this script :
# For example with > export YACY_ADMIN_PASSWORD=your_admin_password
#
cd "`dirname $0`"
port=$(grep ^port= ../DATA/SETTINGS/yacy.conf |cut -d= -f2)
admin=$(grep ^adminAccountUserName= ../DATA/SETTINGS/yacy.conf |cut -d= -f2)
pw=$(grep ^adminAccountBase64MD5= ../DATA/SETTINGS/yacy.conf |cut -d= -f2)
adminAccountForLocalhost=$(grep ^adminAccountForLocalhost= ../DATA/SETTINGS/yacy.conf | cut -d= -f2)
if which curl &>/dev/null; then
curl -s -u $admin:$pw "http://127.0.0.1:$port/$1"
elif which wget &>/dev/null; then
wget -q -t 1 --timeout=120 --http-user $admin --http-password $pw "http://127.0.0.1:$port/$1" -O -
else
exit 1
if grep "<auth-method>BASIC</auth-method>" ../defaults/web.xml > /dev/null; then
# When authentication method is in basic mode, use directly the password hash from the configuration file
YACY_ADMIN_PASSWORD=$(grep ^adminAccountBase64MD5= ../DATA/SETTINGS/yacy.conf |cut -d= -f2)
fi
if which curl > /dev/null; then
if [ "$adminAccountForLocalhost" = "true" ]; then
# localhost access as administrator without authentication is enabled
curl -sSf "http://127.0.0.1:$port/$1"
elif [ -n "$YACY_ADMIN_PASSWORD" ]; then
# admin password is provided as environment variable : let's use it
curl -sSf --anyauth -u "$admin:$YACY_ADMIN_PASSWORD" "http://127.0.0.1:$port/$1"
else
# no password environment variable : it will be asked interactively
curl -sSf --anyauth -u "$admin" "http://127.0.0.1:$port/$1"
fi
elif which wget > /dev/null; then
if [ "$adminAccountForLocalhost" = "true" ]; then
# localhost access as administrator without authentication is enabled
wget -nv -t 1 --timeout=120 "http://127.0.0.1:$port/$1" -O -
elif [ -n "$YACY_ADMIN_PASSWORD" ]; then
# admin password is provided as environment variable : let's use it
wget -nv -t 1 --timeout=120 --http-user "$admin" --http-password "$YACY_ADMIN_PASSWORD" "http://127.0.0.1:$port/$1" -O -
else
# no password environment variable : it will be asked interactively
wget -nv -t 1 --timeout=120 --http-user "$admin" --ask-password "http://127.0.0.1:$port/$1" -O -
fi
else
echo "Please install curl or wget" > /dev/stderr
exit 1
fi

49
bin/apicat.sh
Unescape View File

@ -1,12 +1,49 @@
#!/usr/bin/env sh
# Call an HTTP API on the local YaCy peer, authenticated as administrator, then print the result on the standard output
# Almost the same as apicall.sh, except that wget doesn't print information messages to the standard output, only the result
#
# Authentication options :
# - enable unauthenticated local access as administrator : set adminAccountForLocalhost=true in the DATA/SETTINGS/yacy.conf file
# - OR use the legacy Basic HTTP authentication mode (unsecured for remote access): set the "auth-method" to BASIC in the defaults/web.xml file
# - OR use the Digest HTTP authentication mode : set the "auth-method" to DIGEST in the defaults/web.xml file.
# With that last option, the script will run in interactive mode as default, prompting for the administrator password.
# To run in batch mode, you must first export an environment variable filled with the clear-text administrator password before using this script :
# For example with > export YACY_ADMIN_PASSWORD=your_admin_password
#
cd "`dirname $0`"
port=$(grep ^port= ../DATA/SETTINGS/yacy.conf |cut -d= -f2)
pw=$(grep ^adminAccountBase64MD5= ../DATA/SETTINGS/yacy.conf |cut -d= -f2)
admin=$(grep ^adminAccountUserName= ../DATA/SETTINGS/yacy.conf |cut -d= -f2)
adminAccountForLocalhost=$(grep ^adminAccountForLocalhost= ../DATA/SETTINGS/yacy.conf | cut -d= -f2)
if grep "<auth-method>BASIC</auth-method>" ../defaults/web.xml > /dev/null; then
# When authentication method is in basic mode, use directly the password hash from the configuration file
YACY_ADMIN_PASSWORD=$(grep ^adminAccountBase64MD5= ../DATA/SETTINGS/yacy.conf |cut -d= -f2)
fi
if which curl &>/dev/null; then
curl -s --header "Authorization: realm=$pw" "http://127.0.0.1:$port/$1"
elif which wget &>/dev/null; then
wget -q -t 1 --timeout=5 --header "Authorization: realm=$pw" "http://127.0.0.1:$port/$1"
if which curl > /dev/null; then
if [ "$adminAccountForLocalhost" = "true" ]; then
# localhost access as administrator without authentication is enabled
curl -sSf "http://127.0.0.1:$port/$1"
elif [ -n "$YACY_ADMIN_PASSWORD" ]; then
# admin password is provided as environment variable : let's use it
curl -sSf --anyauth -u "$admin:$YACY_ADMIN_PASSWORD" "http://127.0.0.1:$port/$1"
else
# no password environment variable : it will be asked interactively
curl -sSf --anyauth -u "$admin" "http://127.0.0.1:$port/$1"
fi
elif which wget > /dev/null; then
if [ "$adminAccountForLocalhost" = "true" ]; then
# localhost access as administrator without authentication is enabled
wget -q -t 1 --timeout=120 "http://127.0.0.1:$port/$1" -O -
elif [ -n "$YACY_ADMIN_PASSWORD" ]; then
# admin password is provided as environment variable : let's use it
wget -q -t 1 --timeout=120 --http-user "$admin" --http-password "$YACY_ADMIN_PASSWORD" "http://127.0.0.1:$port/$1" -O -
else
# no password environment variable : it will be asked interactively
wget -q -t 1 --timeout=120 --http-user "$admin" --ask-password "http://127.0.0.1:$port/$1" -O -
fi
else
exit 1
echo "Please install curl or wget" > /dev/stderr
exit 1
fi

6
bin/down.sh
Unescape View File

@ -1,11 +1,13 @@
#!/usr/bin/env sh
cd "`dirname $0`"
port=$(grep ^port= ../DATA/SETTINGS/yacy.conf |cut -d= -f2)
if which curl &>/dev/null; then
if which curl > /dev/null; then
curl -s "http://localhost:$port/Network.xml?page=2&ip=" | awk '/<address>/{ gsub("<address>","" );gsub("<\/address>","" ); print $0 }' | awk '{print $1}'
elif which wget &>/dev/null; then
elif which wget > /dev/null; then
wget -q -O - "http://localhost:$port/Network.xml?page=2&ip=" | awk '/<address>/{ gsub("<address>","" );gsub("<\/address>","" ); print $0 }' | awk '{print $1}'
else
echo "Please install curl or wget" > /dev/stderr
exit 1
fi

12
bin/passwd.sh
Unescape View File

@ -1,4 +1,12 @@
#!/usr/bin/env sh
cd "`dirname $0`"
./apicall.sh "/ConfigAccounts_p.html?setAdmin=&adminuser=admin&adminpw1=$1&adminpw2=$1&access=" > /dev/null
echo "Password for User Name 'admin' set to '$1'"
if [ -z "$1" ]; then
echo "Usage : ./passwd.sh NEW_PASSWORD"
exit 2
fi
(./apicall.sh "ConfigAccounts_p.html?setAdmin=&adminuser=admin&adminpw1=$1&adminpw2=$1&access=" > /dev/null && \
echo "Password for User Name 'admin' set to '$1'") || \
(echo "Password setting failed" && \
exit 1)

8
bin/search1.sh
Unescape View File

@ -1,19 +1,19 @@
#!/usr/bin/env sh
cd "`dirname $0`"
if which curl &>/dev/null; then
if which curl > /dev/null; then
while getopts "ys" opt; do
case $opt in
y)
shift;
curl -s "http://$1/yacysearch.rss?query=$2" | awk '/^<link>/{ gsub("<link>","" );gsub("<\/link>","" ); print $0 }'
curl -sSf "http://$1/yacysearch.rss?query=$2" | awk '/^<link>/{ gsub("<link>","" );gsub("<\/link>","" ); print $0 }'
;;
s)
shift;
curl -s "http://$1/solr/select?q=text_t:$2&start=0&rows=100&fl=sku&wt=rss" | awk '/^<link>/{ gsub("<link>","" );gsub("<\/link>","" ); print $0 }'
curl -sSf "http://$1/solr/select?q=text_t:$2&start=0&rows=100&fl=sku&wt=rss" | awk '/^<link>/{ gsub("<link>","" );gsub("<\/link>","" ); print $0 }'
;;
esac
done
elif which wget &>/dev/null; then
elif which wget > /dev/null; then
while getopts "ys" opt; do
case $opt in
y)

7
stopYACY.sh
Unescape View File

@ -1,10 +1,11 @@
#!/usr/bin/env sh
cd `dirname $0`
bin/apicall.sh "Steering.html?shutdown=true" > /dev/null
(bin/apicall.sh "Steering.html?shutdown=true" > /dev/null && \
echo "Please wait until the YaCy daemon process terminates [wget]"
echo "You can monitor this with 'tail -f DATA/LOG/yacy00.log' and 'fuser log/yacy00.log'"
echo "Please wait until the YaCy daemon process terminates [wget]" && \
echo "You can monitor this with 'tail -f DATA/LOG/yacy00.log' and 'fuser log/yacy00.log'") || \
exit $?
# wait until the yacy.running file disappears which means that YaCy has terminated
# If you don't want to wait, just run this concurrently

Write Preview
Loading…
Cancel
Save